![]() It's pretty old, but it seems URLs are technically the only unencrypted field but there is a lot of other unencrypted metadata as well. I'll update it here if I hear anything further.Įdit 2: Friend of mine sent me this unofficial documentation of the vault format. I personally don't fully trust this answer. ![]() Take this with a grain of salt, but they said that website URLs were the only unencrypted field. I can think of 1000 ways to use this to make a very convincing phish (such as with a fake autofill), and that's before you do stuff like sniff the URLs for tokens or query params.Įdit: I talked to a LastPass support rep.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |